<?php
// The rights string being checked must begin with a slash.
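/**
 * Tells whether the current session holds the right $ID.
 *
 * $_SESSION['rights'] is read as a slash-delimited list such as "/1/25/3/".
 * The first character is skipped (it is expected to be the leading slash) and
 * only segments that are closed by a following slash are considered, so a
 * trailing unterminated segment never matches.
 *
 * @param mixed $ID right identifier to look for
 * @return bool true when a closed segment equals $ID; false otherwise, or when
 *              the session has no 'rights' entry
 */
function Right_Check($ID){
    // session_start() is not called here; presumably the including script
    // has already started the session - confirm.
    if(!isset($_SESSION['rights']))return false;
    $str=(string)$_SESSION['rights'];
    if(strlen($str)<2) return false;

    // Drop the leading character and split on "/". The last piece is whatever
    // follows the final slash (not terminated), so it is discarded.
    $segments=explode("/",substr($str,1));
    array_pop($segments);

    // Strict string comparison: an authorization check must not depend on
    // loose ==, which treats numeric-looking strings such as "1e1" and "10"
    // as equal.
    return in_array((string)$ID,$segments,true);
}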
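/**
 * Tells whether the slash-delimited rights list $Rights contains $ID.
 *
 * The list has the form "/1/25/3/": the first character is skipped and only
 * segments closed by a following slash are compared.
 *
 * @param mixed $Rights rights list to search
 * @param mixed $ID     right identifier to look for
 * @return bool true when a closed segment equals $ID, false otherwise
 */
function Right_Find($Rights,$ID){
    $str=(string)$Rights;
    if(strlen($str)<2) return false;

    // Split what follows the leading character; the final piece is the text
    // after the last slash and is not a complete segment.
    $segments=explode("/",substr($str,1));
    array_pop($segments);

    // Compared as strings with ===, so "1e1" no longer matches "10" and no
    // undefined accumulator variable is read.
    return in_array((string)$ID,$segments,true);
}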

/**
 * Copies the administrator id stored in the session into $ID.
 *
 * @param mixed $ID receives $_SESSION['admin']; left untouched when the
 *                  session has no 'admin' entry
 * @return bool true when the id was copied, false otherwise
 */
function GetAdminID(&$ID){
    if(isset($_SESSION['admin'])){
        $ID = $_SESSION['admin'];
        return true;
    }
    return false;
}
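/**
 * Tells whether the product has exactly one row in product_actions.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7; a move
 * to mysqli/PDO prepared statements needs the connection handle, which is not
 * visible in this file.
 *
 * @param mixed $ID product id
 * @return bool true when exactly one row exists; false otherwise, when the
 *              query fails or when $ID is not an integer
 */
function Is_Action($ID){
    // $ID is placed unquoted into the SQL text, so only a real integer may pass.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="SELECT * FROM product_actions WHERE PA_ProductID=".$ID;
    $exist=mysql_query($sql);
    // mysql_query() returns false on failure; report that as "no action".
    if($exist===false) return false;
    return mysql_num_rows($exist)==1;
}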
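/**
 * Inserts a product_actions row for the product.
 *
 * @param mixed $ID product id
 * @return bool true once the INSERT has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function SQL_Add_Action($ID){
    // The id is concatenated unquoted into the statement: accept integers only.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="INSERT INTO product_actions (PA_ProductID) VALUES (".$ID.")";
    mysql_query($sql);
    return true;
}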
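/**
 * Deletes the product_actions rows of the product.
 *
 * @param mixed $ID product id
 * @return bool true once the DELETE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function SQL_Remove_Action($ID){
    // Without this check a value such as "1 OR 1=1" would widen the WHERE
    // clause to every row.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="DELETE FROM product_actions WHERE PA_ProductID=".$ID;
    mysql_query($sql);
    return true;
}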
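/**
 * Tells whether the product's Product_Availability column equals 1.
 *
 * @param mixed $ID product id
 * @return bool true when exactly one product row is found and its
 *              Product_Availability is 1; false otherwise, when the query
 *              fails or when $ID is not an integer
 */
function Is_in_stack($ID){
    // The id is concatenated unquoted into the query: accept integers only.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="SELECT Product_Availability FROM products WHERE ID=".$ID;
    $exist=mysql_query($sql);
    if($exist===false or mysql_num_rows($exist)!=1) return false;

    $row=mysql_fetch_object($exist);
    return $row->Product_Availability==1;
}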
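/**
 * Sets Product_Availability to 1 for the product.
 *
 * @param mixed $ID product id
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function SQL_is_in_stack($ID){
    // An unvalidated id would let the WHERE clause be rewritten and the flag
    // be set on arbitrary rows.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="UPDATE products SET Product_Availability=1 WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}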
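/**
 * Sets Product_Availability to 0 for the product.
 *
 * @param mixed $ID product id
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function SQL_not_in_stack($ID){
    // Same guard as the other id-based statements: integers only, because the
    // value is concatenated unquoted.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="UPDATE products SET Product_Availability=0 WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}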
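/**
 * Updates one product row and keeps its product_actions entry in step with
 * the requested action flag.
 *
 * NOTE(review): $code, $name, $price, $descr and $Product_UnitType are placed
 * between quotes exactly as received. They are not escaped here because it is
 * not visible whether callers already escape them (escaping twice would
 * corrupt stored text). Confirm the call sites, or move this statement to a
 * prepared statement (mysqli/PDO; the mysql_* extension was removed in PHP 7).
 *
 * @param mixed $ID               product id
 * @param mixed $code             product code
 * @param mixed $name             product name
 * @param mixed $price            product price
 * @param mixed $descr            product description
 * @param mixed $stack            "2/" stores availability 1, anything else 0
 * @param mixed $action           a value equal to 1 keeps/creates the action row
 * @param mixed $Product_DPH      numeric value written to Product_DPH
 * @param mixed $Product_UnitType unit type
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID or $Product_DPH is malformed
 */
function edit_sql($ID,$code,$name,$price,$descr,$stack,$action,$Product_DPH,$Product_UnitType){
    // $ID and $Product_DPH land unquoted in the statement, where escaping
    // would not help; they are validated and nothing is written otherwise.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false or !is_numeric($Product_DPH)) return false;

    // The original test read "!$action==1", which PHP parses as
    // "(!$action)==1"; the comparison is now negated as a whole.
    if(Is_Action($ID)){
        if(!($action==1)) SQL_Remove_Action($ID);
    }else{
        if($action==1) SQL_Add_Action($ID);
    }

    $stack=($stack=="2/") ? 1 : 0;

    $sql="UPDATE products SET Product_Code='".$code."',
                              Product_Name='".$name."',
                              Product_Price='".$price."',
                              Product_Descr='".$descr."',
                              Product_Availability=".$stack.",
                              Product_DPH=".$Product_DPH.",
                              Product_UnitType='".$Product_UnitType."'
          WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}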
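/**
 * Deletes a product: its image files, its products row and its
 * product_actions entry.
 *
 * @param mixed $ID product id
 * @return bool true once the deletions have been issued (results are not
 *              inspected); false when $ID is not an integer
 */
function SQL_Delet($ID){
    // $ID is used both in file paths and, unquoted, in SQL. Accepting only an
    // integer keeps the paths inside ../data/images/ and the WHERE clause
    // limited to one row.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    // Full-size and "mini" files of image 1 (no suffix), image 2 (d2) and
    // image 3 (d3).
    foreach(array("","mini","d2","d2mini","d3","d3mini") as $suffix){
        $file="../data/images/".$ID.$suffix.".jpg";
        if(file_exists($file)) unlink($file);
    }

    $sql="DELETE FROM products WHERE ID=".$ID;
    mysql_query($sql);
    if(Is_Action($ID)) SQL_Remove_Action($ID);

    return true;
}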
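/**
 * Deletes one row from admins.
 *
 * NOTE(review): no permission check happens here; presumably the caller
 * verifies the session's rights first - confirm.
 *
 * @param mixed $ID administrator id
 * @return bool true once the DELETE has been issued (its result is not
 *              inspected); false when $ID is empty, zero or not an integer
 */
function SQL_Delete_Adm($ID){
    // The former check ($ID!="" AND $ID!=0) let strings such as "1 OR 1=1"
    // reach the statement; only a non-zero integer is accepted now.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false or $ID===0) return false;

    $sql="DELETE FROM admins WHERE ID=".$ID;
    mysql_query($sql);

    // A commented-out notice for the demo installation ("this operation is
    // not permitted in the test application") used to be printed here.

    return true;
}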
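/**
 * Updates name, surname, nick, password and rights of one administrator.
 *
 * The update runs only when the nick and password are non-empty and both
 * password fields are identical.
 *
 * NOTE(review): A_Passwd is written exactly as received. If callers pass the
 * clear-text password it is stored unhashed - confirm that hashing happens
 * upstream (password_hash() exists from PHP 5.5).
 * NOTE(review): the quoted string values are not escaped here because it is
 * not visible whether callers already escape them; confirm, or switch to a
 * prepared statement.
 * NOTE(review): no permission check happens here; presumably the caller
 * verifies the session's rights first - confirm.
 *
 * @param mixed $ID         administrator id
 * @param mixed $A_Name     first name
 * @param mixed $A_Surname  surname
 * @param mixed $A_Nick     login name, must not be empty
 * @param mixed $A_Passwd   password, must not be empty
 * @param mixed $A_Passwd2  password confirmation
 * @param mixed $A_Rights   rights string
 * @return mixed the mysql_query() result, or false when validation fails
 */
function SQL_Update_Adm($ID,$A_Name, $A_Surname,$A_Nick,
                        $A_Passwd,$A_Passwd2,$A_Rights)
{
    // The id is concatenated unquoted into the WHERE clause: integers only.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    // The two password fields are compared as strings with ===; loose ==
    // treats numeric-looking values such as "0e1" and "0e2" as equal.
    if (($A_Nick!="") AND ($A_Passwd!="") AND ((string)$A_Passwd===(string)$A_Passwd2))
    {
        $SQL="UPDATE admins SET
                A_Name      = '".$A_Name."',
                A_Surname   = '".$A_Surname."',
                A_Nick      = '".$A_Nick."',
                A_Passwd    = '".$A_Passwd."',
                A_Rights    = '".$A_Rights."'
              WHERE ID=".$ID;
        // @ keeps driver warnings out of the page output; the caller only
        // sees the result value.
        @$result = mysql_query($SQL);

        // A commented-out notice for the demo installation ("this operation
        // is not permitted in the test application") used to be printed here.

        return $result;
    }
    return false;
}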

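/**
 * Resamples the JPEG $src into $dst so that it fits the given bounds.
 *
 * Landscape pictures are bound by $maxW, portrait and square ones by $maxH;
 * the other side follows from the aspect ratio.
 *
 * @param string $src  source JPEG path
 * @param string $dst  target path (may equal $src)
 * @param array  $size getimagesize() result of $src
 * @param int    $maxW width limit
 * @param int    $maxH height limit
 * @return bool false when the source cannot be decoded or written
 */
function _File_Upload_Resample($src,$dst,$size,$maxW,$maxH)
{
    if($size[0]>$size[1])
    {
        $w=$maxW;
        $h=$size[1]/($size[0]/$w);
    }
    else
    {
        $h=$maxH;
        $w=$size[0]/($size[1]/$h);
    }
    // GD expects whole pixels; never ask for a zero-sized canvas.
    $w=max(1,(int)$w);
    $h=max(1,(int)$h);

    $src_img=imagecreatefromjpeg($src);
    if($src_img===false) return false;

    $dst_img=imagecreatetruecolor($w,$h);
    imagecopyresampled($dst_img,$src_img,0,0,0,0,$w,$h,$size[0],$size[1]);
    $ok=imagejpeg($dst_img,$dst,100);

    imagedestroy($src_img);
    imagedestroy($dst_img);
    return $ok;
}

/**
 * Stores an uploaded picture as PATH_UPLOAD."<ID>.jpg", writes a preview as
 * "<ID>mini.jpg" and shrinks the stored picture when it exceeds
 * _IMAGE_MAX_WIDTH_ / _IMAGE_MAX_HEIGHT_.
 *
 * The _PREVIEW_IMAGE_MAX_*_ and _IMAGE_MAX_*_ constants are defined outside
 * this file section. The script is terminated with die() when the file
 * cannot be stored.
 *
 * @param string $source_filename temporary path of the uploaded file
 * @param mixed  $ID              base name of the stored files
 */
function File_Upload($source_filename,$ID)
{
    // Guarded because the function can run several times in one request and
    // defining the same constant again raises an error message.
    if(!defined("PATH_UPLOAD")) define("PATH_UPLOAD","../data/images/");

    // $ID becomes part of a file name. Only letters, digits, "_" and "-" are
    // allowed so the target can never leave the upload directory.
    if(!preg_match('/^[A-Za-z0-9_-]+$/',(string)$ID))
        die ("Subor sa nepodarilo preniest");

    $image=PATH_UPLOAD.$ID.".jpg";
    $imgMini=PATH_UPLOAD.$ID."mini.jpg";

    move_uploaded_file($source_filename,$image)
      or die ("Subor sa nepodarilo preniest");

    // The ".jpg" name says nothing about the content: keep the file only if
    // it really is a JPEG with usable dimensions.
    $size=getimagesize($image);
    if($size===false or $size[2]!==IMAGETYPE_JPEG or $size[0]<1 or $size[1]<1)
    {
        unlink($image);
        die ("Subor sa nepodarilo preniest");
    }

    // Preview picture.
    _File_Upload_Resample($image,$imgMini,$size,_PREVIEW_IMAGE_MAX_WIDTH_,_PREVIEW_IMAGE_MAX_HEIGHT_);

    // Shrink the stored picture in place when it is larger than allowed.
    if($size[0]>_IMAGE_MAX_WIDTH_ or $size[1]>_IMAGE_MAX_HEIGHT_)
    {
        _File_Upload_Resample($image,$image,$size,_IMAGE_MAX_WIDTH_,_IMAGE_MAX_HEIGHT_);
    }
}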
//////////////////////////////////////edit/////////////////////////////////////
/**
 * Toggles the "/<ID>/" entry of a slash-delimited menu string.
 *
 * is_roll() is defined outside this file section. When it reports false, the
 * result is just "/<ID>/"; otherwise every "/<ID>/" in $menuroll is replaced
 * by a single "/".
 *
 * @param mixed $menuroll current menu string
 * @param mixed $ID       entry id
 * @return string the new menu string
 */
function rutine_menu_only_1($menuroll,$ID){
    $entry="/".$ID."/";
    if(is_roll($menuroll,$ID)){
        return str_replace($entry,"/",$menuroll);
    }
    return $entry;
}
///////////////////////////////////////////////////////////////////////////
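/**
 * Inserts a new product, optionally flags it as an action and stores up to
 * three uploaded pictures for it.
 *
 * NOTE(review): $code, $name, $UnitType and $descr are placed between quotes
 * exactly as received. They are not escaped here because it is not visible
 * whether callers already escape them (escaping twice would corrupt stored
 * text). Confirm the call sites, or move this statement to a prepared
 * statement (mysqli/PDO; the mysql_* extension was removed in PHP 7).
 *
 * @param mixed $code         product code
 * @param mixed $name         product name
 * @param mixed $price        numeric price
 * @param mixed $descr        description
 * @param mixed $stack        "2/" stores availability 1, anything else 0
 * @param mixed $action       "1/" adds a product_actions row
 * @param mixed $UnitType     unit type
 * @param mixed $SC_ID        integer written to SC_ID
 * @param mixed $Source_file  uploaded picture 1, "" for none
 * @param mixed $Source_file2 uploaded picture 2, "" for none
 * @param mixed $Source_file3 uploaded picture 3, "" for none
 * @param mixed $Product_DPH  numeric value written to Product_DPH
 * @return mixed id of the new product, or false when a numeric field is
 *               malformed or the INSERT fails
 */
function add_SQL($code,$name,$price,$descr,$stack,$action,$UnitType,$SC_ID,$Source_file,$Source_file2,$Source_file3,$Product_DPH){
    // $price, $Product_DPH and $SC_ID are written unquoted into the
    // statement, where escaping would not help; reject anything non-numeric.
    $SC_ID=filter_var($SC_ID,FILTER_VALIDATE_INT);
    if($SC_ID===false or !is_numeric($price) or !is_numeric($Product_DPH)) return false;

    $stack=($stack=="2/") ? 1 : 0;

    $sql="insert into products (Product_Code,
                              Product_Name,
                              Product_Price,
                              Product_DPH,
                              Product_UnitType,
                              Product_Descr,
                              SC_ID,
                              Product_Availability
                              )VALUES (
                               '".$code."',
                               '".$name."',
                               ".$price.",
                               ".$Product_DPH.",
                               '".$UnitType."',
                               '".$descr."',
                               ".$SC_ID.",
                               ".$stack.")";

    // Stop when the INSERT fails: otherwise the action row and the pictures
    // would be attached to whatever mysql_insert_id() reports.
    if(mysql_query($sql)===false) return false;
    $NP_ID = mysql_insert_id();

    if($action=="1/") SQL_Add_Action($NP_ID);
    if(($Source_file)!="") File_Upload($Source_file,$NP_ID);
    if(($Source_file2)!="") File_Upload($Source_file2,$NP_ID.'d2');
    if(($Source_file3)!="") File_Upload($Source_file3,$NP_ID.'d3');
    return $NP_ID;
}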
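/**
 * Deletes one row from chat.
 *
 * @param mixed $ID chat entry id
 * @return bool true once the DELETE has been issued (its result is not
 *              inspected); false when $ID is empty, zero or not an integer
 */
function SQL_Delete_Chat($ID){
    // Only a non-zero integer may reach the unquoted WHERE clause.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false or $ID===0) return false;

    $sql="DELETE FROM chat WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}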
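/**
 * Deletes one row from users.
 *
 * @param mixed $ID user id
 * @return bool true once the DELETE has been issued (its result is not
 *              inspected); false when $ID is empty, zero or not an integer
 */
function SQL_Delete_User($ID){
    // Only a non-zero integer may reach the unquoted WHERE clause.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false or $ID===0) return false;

    $sql="DELETE FROM users WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}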
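/**
 * Deletes an order: its order_heads row and its order_products rows.
 *
 * The two DELETE statements are issued one after the other without a
 * transaction, and their results are not inspected.
 *
 * @param mixed $ID order id
 * @return bool true once both statements have been issued; false when $ID is
 *              empty, zero or not an integer
 */
function SQL_Delete_Order($ID){
    // Only a non-zero integer may reach the unquoted WHERE clauses.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false or $ID===0) return false;

    $sql="DELETE FROM order_heads WHERE ID=".$ID;
    mysql_query($sql);
    $sql="DELETE FROM order_products WHERE OH_ID=".$ID;
    mysql_query($sql);
    return true;
}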
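/**
 * Tells whether an order is still unread, i.e. its OH_Unread column is not "R".
 *
 * @param mixed $ID order id
 * @return bool true when exactly one order row is found and OH_Unread differs
 *              from "R"; false otherwise, when the query fails or when $ID is
 *              not an integer
 */
function Order_Is_Unread($ID){
    // The id is concatenated unquoted into the query: accept integers only.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="SELECT OH_Unread FROM order_heads WHERE ID=".$ID;
    $exist=mysql_query($sql);
    if($exist===false or mysql_num_rows($exist)!=1) return false;

    $row=mysql_fetch_object($exist);
    return $row->OH_Unread!="R";
}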
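/**
 * Tells whether an order is confirmed, i.e. its OH_Confirm column is "C".
 *
 * @param mixed $ID order id
 * @return bool true when exactly one order row is found and OH_Confirm equals
 *              "C"; false otherwise, when the query fails or when $ID is not
 *              an integer
 */
function Order_Is_Confirm($ID){
    // The id is concatenated unquoted into the query: accept integers only.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="SELECT OH_Confirm FROM order_heads WHERE ID=".$ID;
    $exist=mysql_query($sql);
    if($exist===false or mysql_num_rows($exist)!=1) return false;

    $row=mysql_fetch_object($exist);
    return $row->OH_Confirm=="C";
}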
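/**
 * Marks an order as read by setting OH_Unread to 'R'.
 *
 * @param mixed $ID order id
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function Order_Set_AsRead($ID){
    // Integers only: the value is concatenated unquoted into the WHERE clause.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="UPDATE order_heads SET OH_Unread='R' WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}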
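/**
 * Marks an order as confirmed by setting OH_Confirm to 'C'.
 *
 * @param mixed $ID order id
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function Order_Set_Confirm($ID){
    // Integers only: the value is concatenated unquoted into the WHERE clause.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="UPDATE order_heads SET OH_Confirm='C' WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}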
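/**
 * Clears an order's confirmation by setting OH_Confirm to NULL.
 *
 * @param mixed $ID order id
 * @return bool true once the UPDATE has been issued (its result is not
 *              inspected); false when $ID is not an integer
 */
function Order_Set_No_Confirm($ID){
    // Integers only: the value is concatenated unquoted into the WHERE clause.
    $ID=filter_var($ID,FILTER_VALIDATE_INT);
    if($ID===false) return false;

    $sql="UPDATE order_heads SET OH_Confirm=NULL WHERE ID=".$ID;
    mysql_query($sql);
    return true;
}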
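/**
 * Tells whether another administrator already uses the nick $Nick.
 *
 * All admins rows are read and compared in PHP; the row whose ID equals $id
 * is ignored, so an administrator may keep their own nick.
 *
 * NOTE(review): a failed query is reported as "no duplicate". If uniqueness
 * must be guaranteed, a UNIQUE index on A_Nick is the reliable guard.
 *
 * @param mixed $Nick nick to look for
 * @param mixed $id   id of the administrator being edited
 * @return bool true when a different row has the same nick, false otherwise
 */
function SQL_Control_Duplicate($Nick,$id)
{
    $sql_psel="SELECT A_Nick,ID FROM admins";
    $Product_source=mysql_query($sql_psel);
    if($Product_source===false) return false;

    while($sql_array_adm=mysql_fetch_object($Product_source))
    {
        // Nicks are compared as strings with ===; loose == would treat
        // numeric-looking nicks such as "007" and "7" as the same name.
        $same_nick=((string)$sql_array_adm->A_Nick===(string)$Nick);
        $other_row=((int)$sql_array_adm->ID!==(int)$id);
        if($same_nick and $other_row) return true;
    }
    return false;
}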
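/**
 * Tells whether any administrator already uses the nick $Nick.
 *
 * All admins rows are read and compared in PHP.
 *
 * NOTE(review): a failed query is reported as "no duplicate". If uniqueness
 * must be guaranteed, a UNIQUE index on A_Nick is the reliable guard.
 *
 * @param mixed $Nick nick to look for
 * @return bool true when a row has the same nick, false otherwise
 */
function SQL_Control_NEW_Duplicate($Nick)
{
    $sql_psel="SELECT A_Nick,ID FROM admins";
    $Product_source=mysql_query($sql_psel);
    if($Product_source===false) return false;

    while($sql_array_adm=mysql_fetch_object($Product_source))
    {
        // Compared as strings with ===; loose == would treat numeric-looking
        // nicks such as "007" and "7" as the same name.
        if((string)$sql_array_adm->A_Nick===(string)$Nick) return true;
    }
    return false;
}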
?>